I recently made a website for freelance web design and am hosting it through GitHub and renting a domain name from GoDaddy. The site is HTTPS and the developer tools show no security issues. When I click a link to it on my laptop, the connection is secure. However, when I click the same link on my phone (iPhone XR), it says that the connection is not secure. When I check the URL, it is HTTPS.
Does anyone know why this may be happening?
Also, am I allowed to put the link to my website in my question, or is that against the rules (for like self-promotion or something).
Thanks!
Related
I have designed and set up a website for a client at https://deabreuandcohen.co.za/. I have Jetpack monitoring activated.
I get daily notifications that the site goes down and comes back up again. The hosting reseller says it is the Wordpress website but I have updated everything, done a malware scan, etc and I can't see any reason why this should be happening.
What are my next steps to troubleshoot this?
In terms of why your website is going down ,
i have done a small inspection on your website in the developer tools
when the website goes down it seems some documents are not loaded to the page .
Have you tried installing a web application firewall to your website , this could be indication of DDOS attacks on your website?
In Terms of security
Install these plugins
WAF Webapplication Firewall https://wordpress.org/plugins/web-application-firewall/
Cloudflare which enables ddos mitigation https://wordpress.org/plugins/cloudflare/
Read more about DDOS Mitigation https://www.cloudflare.com/learning/ddos/ddos-mitigation/
https://sitecheck.sucuri.net/results/https/deabreuandcohen.co.za
Here is a free website scanner by succri and their results
Btw i checked the network tab
There are no traces for ddos but these would help you in terms of security
Possible security fixes
Your TLS Certificate is expired
Your WordPress version could be updated to WordPress 6.0 , but please backup your website first or download your theme and test it in a local development environment
You have no firewall installed ,
Add cloudflare to your website for free to apply ddos mitigation
I'm new with this kind of issues, and i'm pretty sure that maybe it's small issue , please any help
is your website available via http or https? Chrome does mark every http-website as dangerous automatically. You need https.
You need to configure your site to use SSL. For that you need to setup the server properly and get a SSL certificate. There are some services that allows you to create your own certificate for free, but not every hosting provider accepts them. In some cases you need to buy the certificate from your provider.
The most popular free certificate site is Let's Encrypt. You can read more on how to configure it on their site: https://letsencrypt.org.
Start with reading this: https://letsencrypt.org/getting-started/
You can read why google marked this site as Dangerous in this article click here. If you are using WordPress in your registered domain then contact your hoisting provider about this issue. But if you are using free sites then I would recommend using XAMPP (Localhost) or you can use website like Pantheon to install and use WordPress.
If you face problem on how to use this site then follow this YouTube link to learn how this site works. It will start at 5:31.
My client is using GoDaddy server hosting for WordPress website.If i update some changes in pages its will reflected only when dashboard is opened else changes are reflected after 4 to 5 hours.
I also contact with my service provider for cleaning cache, but its don't work.
I am not able to identity where is the problem.
This definitely sounds like a cache problem.
Depending on your website hosting plan, this can affect the changes you/other users see on the site after you've made changes to the backend. If you use a shared hosting plan, you share your website server with other websites which can slow the website and sometimes affect the cache.
Firstly, make sure you've removed cookies from your browser relating to the website in question. This can affect how the website looks until new cookies are saved from the website.
You can download a cache plugin 'W3 Total Cache' on Wordpress and this can be integrated into your website to flush the cash from the dashboard. However on a GoDaddy shared hosting plan, I've found this doesn't always work. Worth a try though!
In the same way that your web browser has a cache of recent web pages, your Internet Service Provider (ISP) may be doing some caching on your behalf.
This could be the problem, so you may have to communicate with your Internet Service Provider to fix this problem.
I would call GoDaddy customer service again beforehand and explain your problem in more detail.
This is not a server issue , this is a cache issue. You need to clear cache from you back end wp-admin. After that please check your changes with hard refresh browser ctrl+shift+R or ctrl+f5. Wordpress changes will be reflect on to front end.
I'm a new WordPress designer. My site runs Tesseract Theme and is built with Beaver Builder.
PROBLEM: When I post my website (https://louiseclark.tech) on Facebook it removed my site after a couple minutes. Now when I try to post my site it gives me this message--> It looks like a link you're sharing might be unsafe. If you can, please remove this link: louiseclark.tech Note: The unsafe link might be on the page you’re linking to.
What I've done to try and resolve:
When I ran my site through the Facebook debugger I got this message:
The 'fb:app_id' property should be explicitly provided, Specify the app ID so that stories shared to Facebook will be properly attributed to the app. Alternatively, app_id can be set in url when open the share dialog.
I created an app id following this instructional video: https://www.youtube.com/watch?v=V97h03H21y0
I pasted my app id into my Yoast SEO plugin under the Facebook category.
Check my Google Webmaster Tools Sitemap...all is verified and sitemap set.
SSL certificate is set - checked with my hosting company SiteGround. When I asked them about this problem they didn't really feel that the security issues where from their side.
I've reported this problem to the black hole that is Facebook support.
Thank you for any insight.
In case anyone sees this thread, I found the solution.
When I moved my WordPress sites to managed WordPress hosting I also migrated my websites to https with the SSL certificates. While the pages were migrated and displaying the https just fine, the images still held their old url (http).
I did two things:
I installed SSL Content Fixer plugin. This worked for some images but not others.
I installed Better Search Replace plugin. I had found the specific insecure images using Firefox. From my page in Firefox, I went to:
Tools -> Page Info -> Media This showed me every image/js/css call on this page. Finding these images allowed me to use the plugin to make the changes.
It worked. I'm quite sure knowing how to code my site would be much better in this situation. But I'm a newbie and this is what I could come up with.
What I learned: It's a flag when you have a secure site that embeds non secure objects/images.
http://ohri.srihari.guru
when I add to cart any of the event packages, which are the products, it works as planned in all browsers except for safari.
WHY does this happen?? I've tried installing a jquery cookie fixer from the woothemes support site to no avail...
safari is pretty critical for purchasing considering the high proportion of iOS users.
any help would be greatly appreciated... i've scoured the wordpress forums and woothemes forums and haven't found much. I even contacted my host #digitalocean support and they sent me a less than helpful response...
I tried all sorts of things to fix this and wasn't sure how, ultimately the issue was because I was using DNS forwarding with masking, and the links to external sites were not being addressed properly. i.e. my site was hosted at http://123.456.789/index.html but was masked to run at http://somewebSite.com/index.html. When i entered http://123.456.789/index.html in the browser clicking on those same links resulted in no X-frame-origins issues in the JS console, but running http://somewebSite.com/index.html did. In order to properly mask I had to add my host's DNS name servers to my domain service, i.e. godaddy.com should have name servers of example, ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com, if since I was using digitalocean.com as my hosting service. Changing the base site URL under settings/general in the WP dashboard maintained the root domain redirect in the address bar instead of showing the ip address.